AV-AFL: A Vulnerability Detection Fuzzing Approach by Proving Non-reachable Vulnerabilities using Sound Static Analyser

Sangharatna Godboley; Kanika Gupta; Rani G. Monika

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

AV-AFL: A Vulnerability Detection Fuzzing Approach by Proving Non-reachable Vulnerabilities using Sound Static Analyser

Topics: Reliability and Security; Software and System Testing

In Proceedings of the 17th International Conference on Evaluation of Novel Approaches to Software Engineering ENASE - Volume 1, 301-308, 2022

Authors: Sangharatna Godboley ; Kanika Gupta and Rani G. Monika

Affiliation: Department of CSE, NIT Warangal, Telangana, India

Keyword(s): Fuzzing, Static Analyzer, Vulnerability Detection.

Abstract: The correctness of software depends on how well the vulnerabilities of the program are detected before the actual release of the software. Fuzzing is an effective method for vulnerability detection but it also comes with its drawback. The traditional fuzzing tools are less efficient in terms of speed and code coverage. In this paper, we demonstrate how a fuzzer works more efficiently when the input to it is given based on static analysis of the source code. We introduce the Alarmed Vulnerabilities-based American Fuzzy Lop (AV-AFL) tool that eliminates the unreachable targets from the program by analyzing the source code using the FRAMA-C tool (a sound static analyzer). The method uses Evolved Value Analysis (EVA) plugged-in with FRAMA-C tool to report alarms of possible run-time errors and gives the improvised program as an input to the AFL fuzzer. Experimental results show that the AV-AFL produces better results in total 71.11% of 45 programs than AFL in terms of vulnerability detec tion. (More)

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 3.16.83.150

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Godboley, S.; Gupta, K. and G. Monika, R. (2022). AV-AFL: A Vulnerability Detection Fuzzing Approach by Proving Non-reachable Vulnerabilities using Sound Static Analyser. In Proceedings of the 17th International Conference on Evaluation of Novel Approaches to Software Engineering - ENASE; ISBN 978-989-758-568-5; ISSN 2184-4895, SciTePress, pages 301-308. DOI: 10.5220/0011032900003176

@conference{enase22,
author={Sangharatna Godboley. and Kanika Gupta. and Rani {G. Monika}.},
title={AV-AFL: A Vulnerability Detection Fuzzing Approach by Proving Non-reachable Vulnerabilities using Sound Static Analyser},
booktitle={Proceedings of the 17th International Conference on Evaluation of Novel Approaches to Software Engineering - ENASE},
year={2022},
pages={301-308},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011032900003176},
isbn={978-989-758-568-5},
issn={2184-4895},
}

TY - CONF

JO - Proceedings of the 17th International Conference on Evaluation of Novel Approaches to Software Engineering - ENASE
TI - AV-AFL: A Vulnerability Detection Fuzzing Approach by Proving Non-reachable Vulnerabilities using Sound Static Analyser
SN - 978-989-758-568-5
IS - 2184-4895
AU - Godboley, S.
AU - Gupta, K.
AU - G. Monika, R.
PY - 2022
SP - 301
EP - 308
DO - 10.5220/0011032900003176
PB - SciTePress